What are reminders under GDPR?

Care providers…will likely have a very good reason for processing much of the personal data they hold for the purposes of providing medical care.

Reminder notifications fall under “very good reason for processing.” You have a legitimate business reason to send reminder notifications because it helps you deliver and manage the health services you provide:

Reminder notifications are also part of your clinic’s Legitimate Interests - it is common practice for people to rely on reminder notifications to actually show up for health care service appointments. People won’t be surprised that a health clinic offers reminder emails.

The processing of personal data in the form of a reminder notification for health care services has minimal privacy impact as defined under GDPR.

Checklist

There are two things to do to make sure you are following GDPR when sending out reminder notifications.

1 - First and foremost, your clinic needs to document the Lawful Basis upon which you are collecting and processing personal and health data. GDPR does not provide a standard on how to document your Lawful Basis so this could be in the form of a binder where you keep all of your policies and privacy information or it could be an electronic document or folder. The key is to ensure that what you record is sufficient to demonstrate that a lawful basis applies and the way you record it is accessible should you ever need to prove compliance with GDPR.

2 - GDPR also requires that you notify your patients of your data collection and use practices. What data do you collect? To what use do you put it? (Here you might explain that you collect email addresses in order to provide appointment reminder notifications). How long are you required by your regulating body to keep that data? Etc.

How to set up Jane

First, go to Settings > Reminders and Notifications. Under Notifications, click the top-right box for “Email Notifications.” Also check the boxes for the types of notifications you want to send. And finally, at the bottom there, click that one that says “Set all to Enabled.”

Not quite done yet. Now, make sure you allow your patients to opt-out of reminders if they don’t want them.

Under each reminder, you’ll want to click View:

Once the reminder opens up, make sure you have the reminder “Enabled” and “Patient Selectable.”

Now, by default, patients will receive reminder notifications, and they will have the choice to opt out if that’s what they wish to do.